Spring Security Two-Factor Auth (2FA) with JWT Token
Creating REST APIs is a better approach for building one-time token-based authentication combined with Jwt tokens in Spring Security.
Creating REST APIs is a better approach for building one-time token-based authentication combined with Jwt tokens in Spring Security.
Spring Security framework supports a wide range of authentication models, and in this tutorial, we will cover OAuth2 authentication using Amazon Cognito. We will walk through a step-by-step guide from creating the user pool in the AWS, adding the app client, and configuring it in the Spring Boot application. 1. …
Learn the core concepts of configuring role-based authorization in Spring Security 6 and implementing authorization in a Spring Boot application.
If you’re preparing for a job interview, these Spring security interview questions will help you understand key concepts and increase the confidence.
After WebSecurityConfigurerAdapter was first deprecated and then removed in Spring Security 6, this tutorial will help in migrating to the latest version.
In Spring security tutorial, learn how it works under the hood, concepts of authentication, authorization, access control and basic configurations.
Learn to use the test container library (KeycloakContainer) to start keycloak server as a docker container while unit testing with JUnit and Spring boot.
This Spring security tutorial discusses using Keycloak and Spring Security OAuth2 to implement token-based authentication in a spring boot app.
Learn to implement authentication with a user login and logout functionality using Vue.js and Spring Boot Security using JWT tokens.
Learn to configure OAuth2 authorization-based login security in a Spring boot and spring security application with custom handlers.
Learn to partially or fully disable the Spring security in Spring boot applications based on selected runtime @Profile or using properties.
Learn to enable DEBUG and TRACE level logging for spring security configuration, request processing and filter chain proxy using simple switches.
Learn to configure and test a spring security login form based authentication that fetches the username, password and roles from the database.
Learn to pass the Spring SecurityContext instance to new threads either spawned by Spring @Async or created explicitly using new Runnable or Callable instances. 1. Default Strategy is ThreadLocal Once the AuthenticationManager completes the authentication process successfully, it stores the Authentication instance for the rest of the request in the …
Learn to create, plug in and test a custom Authentication Provider into the spring security and register with the authentication manager.
Learn the contract spring security expects from PasswordEncoder interface, inbuilt implementations and DelegatingPasswordEncoder with examples.
Learned default spring security login form and auto-configuration and configuring custom login form, success and failure URLs and handlers.
Java configuration example to enable spring security with the help of @EnableWebSecurity annotation and WebSecurityConfigurerAdapter class.
Learn about the contract that spring security expects from UserDetailsService and PasswordEncoder, initial defaults and basic customizations.
HowToDoInJava provides tutorials and how-to guides on Java and related technologies.
It also shares the best practices, algorithms & solutions and frequently asked interview questions.